close

What Is Truth to Power?

[+/-] A research and advisory resource...
dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.
[+/-] An open forum and community...
built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.
[+/-] A plexus nexus...
a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.
[+/-] A rebellion...
against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.
Top Panel
WHAT IS T2P?
Top Panel
IT Audit Checklist: Risk Management

The IT Audit Checklist for Risk Management includes:

  • 80 specific checklist items to help you assess internal audit readiness
  • Controls derived from prominent standards/frameworks including ITIL, CobiT, and NIST
  • Pointers on audit planning, preparation, testing, and reporting
  • Clarification on what auditors want (and don't want) to see

What Is This Paper About?

This document supports an internal audit of the organization's risk management program and processes. Providing guidance to improve your risk management program and to assess the robustness of your risk management efforts, the checklist is intended to help business and IT managers prepare for an audit of risk management controls, making the audit experience and results as productive as possible.

Authors

Dan Swanson, CMA, CIA, CISA, CISSP, CAP, is a 26-year internal audit veteran and former director of professional practices at the Institute of Internal Auditors. Swanson has completed internal audit projects for more than 30 different organizations, spending almost 10 years in government auditing, at the federal, provincial, and municipal levels, and the rest in the private sector, mainly in the financial services, transportation, and health sectors.

He has completed more than 50 IT conversion audits and a dozen comprehensive audits of the information technology function. The author of more than 150 articles on internal auditing and other management practices, Swanson is currently a freelance writer and health information security officer during the day. He can be reached via email at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Series Editor: Cass Brewer


it audit checklist download link
downloadkey-mo

library
Comments
RSS
Only registered users can write comments!

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."